ModSecurity

ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and in case it discovers an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the site visitors than any web server does, so you will manage to keep an eye on what's going on with your sites a lot better than if you rely only on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it detects if someone is attempting to log in to the administrator area of a specific script a number of times or if a request is sent to execute a file with a certain command. In these situations these attempts trigger the corresponding rules and the software hinders the attempts right away, after that records detailed details about them inside its logs. ModSecurity is amongst the very best software firewalls available and it can easily protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Cloud Website Hosting

ModSecurity is supplied with all cloud website hosting machines, so if you decide to host your websites with our company, they will be shielded from an array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You will be able to stop ModSecurity for any site if required, or to activate a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view specific logs through your Hepsia Control Panel including the IP address where the attack came from, what the attacker wished to do and how ModSecurity handled the threat. As we take the security of our clients' Internet sites very seriously, we employ a selection of commercial rules that we take from one of the top companies that maintain this kind of rules. Our admins also add custom rules to ensure that your Internet sites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions that we offer include ModSecurity and given that the firewall is enabled by default, any Internet site that you create under a domain or a subdomain will be protected right away. An independent section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to start and stop the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity won't take any action, but it will still detect possible attacks and will keep all data inside a log as if it were fully active. The logs could be found inside the exact same section of the CP and they include information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules that we employ on our servers are a mix between commercial ones from a security company and custom ones made by our system administrators. Consequently, we provide increased security for your web programs as we can protect them from attacks even before security corporations release updates for new threats.

ModSecurity in VPS Servers

All VPS servers that are set up with the Hepsia Control Panel come with ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the machine, so there will not be anything special which you'll have to do to protect your sites. It shall take you only a click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any actions to stop intrusions. You shall be able to view the logs created in passive or active mode via the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall used to tackle it, and so on. We employ a combination of commercial and custom rules in order to make sure that ModSecurity shall stop as many risks as possible, hence improving the security of your web apps as much as possible.

ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any program that you upload or set up shall be secured from the very beginning and you will not have to worry about common attacks or vulnerabilities. An individual section within Hepsia will enable you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records details about intrusions, but does not take actions to prevent them. What you shall find in the logs can allow you to to secure your Internet sites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, and so on. With this info, you could see whether an Internet site needs an update, whether you need to block IPs from accessing your hosting server, and so on. Besides the third-party commercial security rules for ModSecurity that we use, our admins include custom ones as well if they discover a new threat which is not yet in the commercial bundle.